ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 402 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 402
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company is creating a solution that can move 400 employees into a remote working environment in the event of an unexpected disaster. The user desktops have a mix of Windows and Linux operating systems. Multiple types of software, such as web browsers and mail clients, are installed on each desktop.

A solutions architect needs to implement a solution that can be integrated with the company’s on-premises Active Directory to allow employees to use their existing identity credentials. The solution must provide multifactor authentication (MFA) and must replicate the user experience from the existing desktops.

Which solution will meet these requirements?

  • A. Use Amazon WorkSpaces for the cloud desktop service. Set up a VPN connection to the on-premises network. Create an AD Connector, and connect to the on-premises Active Directory. Activate MFA for Amazon WorkSpaces by using the AWS Management Console.
  • B. Use Amazon AppStream 2.0 as an application streaming service. Configure Desktop View for the employees. Set up a VPN connection to the on-premises network. Set up Active Directory Federation Services (AD FS) on premises. Connect the VPC network to AD FS through the VPN connection.
  • C. Use Amazon WorkSpaces for the cloud desktop service. Set up a VPN connection to the on-premises network. Create an AD Connector, and connect to the on-premises Active Directory. Configure a RADIUS server for MFA.
  • D. Use Amazon AppStream 2.0 as an application streaming service. Set up Active Directory Federation Services on premises. Configure MFA to grant users access on AppStream 2.0.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by devalenzuela86 at Nov. 22, 2023, 10:17 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PAUGURU
Highly Voted 1 year, 2 months ago
Selected Answer: C
C is the only way to implement MFA. "To enable MFA for AWS services such as Amazon WorkSpaces and QuickSight, a key requirement is an MFA solution that is a Remote Authentication Dial-In User Service (RADIUS) server or a plugin to a RADIUS server already implemented in your on-premises infrastructure. " https://aws.amazon.com/it/blogs/security/how-to-enable-multi-factor-authentication-for-amazon-workspaces-and-amazon-quicksight-by-using-microsoft-ad-and-on-premises-credentials/
upvoted 19 times
...
07c2d2a
Highly Voted 1 year ago
C. is the answer, but really none of the answers are right. The real flaw here is that they're using an AD connector as a backup. They should be using a managed AD or have an EC2 AD server. If there's an actual disaster, relying on a VPN and a server that might be unreachable well architected.
upvoted 9 times
JPSWS
9 months, 2 weeks ago
So true! I was about to write the exact same thing... Disaster can often equals no more Datacenter so no AD to "connect" to for the AD connector.
upvoted 3 times
...
...
ma23
Most Recent 1 year, 1 month ago
Selected Answer: C
Answer C. https://aws.amazon.com/workspaces/ "maximize user experience" is the keyword to decide Option C.
upvoted 1 times
...
career360guru
1 year, 1 month ago
Selected Answer: C
Option C
upvoted 1 times
...
m1xa
1 year, 1 month ago
Selected Answer: D
A and C are out because these options require implementing a RADIUS server on-premise. So, B or D. I would prefer B because it is a more secure solution, but since there is no mention of traffic security, I choose D. Using SAML2 you can set MFA for users. https://docs.aws.amazon.com/appstream2/latest/developerguide/external-identity-providers-further-info.html
upvoted 1 times
...
siasiasia
1 year, 2 months ago
Selected Answer: C
you enable MFA through RADIUS not AWS Console. so A is out. there is no AppStream Linux so B and D are out.
upvoted 2 times
thotwielder
1 year, 1 month ago
Amazon AppStream 2.0 Introduces Linux Application Streaming https://aws.amazon.com/about-aws/whats-new/2021/11/amazon-appstream-2-0-linux-application-streaming/
upvoted 1 times
...
...
geekgirl007
1 year, 2 months ago
Selected Answer: C
To enable MFA for AWS services such as Amazon WorkSpaces and QuickSight, a key requirement is an MFA solution that is RADIUS
upvoted 2 times
...
Totoroha
1 year, 2 months ago
why answer is D: https://aws.amazon.com/appstream2/?p=pm&c=euc&pd=appstream2&z=4
upvoted 1 times
...
salazar35
1 year, 2 months ago
Selected Answer: C
https://aws.amazon.com/blogs/security/how-to-enable-multi-factor-authentication-for-amazon-workspaces-and-amazon-quicksight-by-using-microsoft-ad-and-on-premises-credentials/
upvoted 3 times
...
Jonalb
1 year, 3 months ago
Selected Answer: C
C. Use Amazon WorkSpaces para o serviço de desktop em nuvem. Configure uma conexão VPN com a rede local. Crie um conector AD e conecte-se ao Active Directory local. Configure um servidor RADIUS para MFA.
upvoted 2 times
devalenzuela86
1 year, 2 months ago
incorrect because it requires you to configure a RADIUS server for MFA, which is not required for this solution
upvoted 1 times
...
...
devalenzuela86
1 year, 3 months ago
Selected Answer: A
A for sure
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel